Information Technology

Phish: University of Vermont,Information Technology Services.

This message appears to come from a uvm.edu address, but that is a forgery.

Did you receive an email with a Subject of "University of Vermont,Information Technology Services."? This message, like others that tell you to "activate," "upgrade," "verify," "validate," or "re-validate" your mailbox or your email account, or increase your quota, is a phishing scam -- an attempt to steal your UVM credentials (your Net-ID and password). Please do not click on the link in the message, and don't reply to it; simply delete the email.

Any email that asks you to to enter your UVM password on a non-UVM web site is a phishing scam. Do not click links in such messages and do not reply. Hover your cursor over links to see where they would take you; if it's not going to "http://www.uvm.edu/" or "http://uvm.edu/", don't click.

UVM will never ask you to enter your UVM Net-ID and password on a non-UVM web page -- even if it looks like a UVM page, and even if it's on a reputable site, such as Google Docs, 123contactform.com or contactme.com, or if it contains UVM graphics and you've been directed there by an email that appears to come from a UVM email address.

And any email that asks you to to reply in order to complete a security process for your email account, or to reply with your UVM password, is a phishing scam. Email security updates are applied by UVM system administrators, with no action required on your part.

What to do if you've clicked on the link

If you've followed the link in the message, or replied to this email or one like it, you should change your password immediately at www.uvm.edu/account. Contact the UVM Computing Helpline if you need assistance changing your password.

If you are ever uncertain about the legitimacy of an email message concerning your uvm.edu account, please contact the Computing Help Line at 656-2604, or submit a help request online.

If you would like to report phishing, please forward the phishing email, as an attachment, to is-spam@labs.sophos.com and to abuse@uvm.edu. (To forward a message as an attachment using Thunderbird, go to the Message menu and select Forward As > Attachment.)

This message appears to come from a uvm.edu address, but that is a forgery. Hovering your cursor over the link shows that it would take you to a non-UVM web site, at 123contactform.com/. The message also contains a stolen UVM graphic (not shown below).

From: University of Vermont Subject: University of Vermont,Information Technology Services.Date: April 29, 2013 6:28:19 PM EDTTo: TO Reply-To: noreply@uvm.edu

This email is being sent to you because of violation security breachthat was detected by our servers. Our server detected that one of themessages you received from a contact has already infected yourweb-mail with a dangerous virus.

You can no longer be allowed to send messages or files to otherusers to prevent the spread of virus to other @uvm.edu web-mailusers. Please follow the link below to perform maintenance work neededto improve the protection of the web-mail for us to verify and have youraccount cleared against this virus.

CLICK HERE

WARNING!!! E-MAIL OWNERS who refuses to upgrade his or heraccount within 48hrs after notification of this update will permanentlybe deleted from our data base and can also lead to malfunctioning ofthe client or user's account and we will not be responsible for loosingyour account.